服务器间通过ssh使用密钥对实现无密码登录solaris,redhat,linux
hosta和hostb都必须同步完成以下操作,以hosta为例================================================================
1、创建密钥对,两台都做
# who am i
root pts/1 2008-04-30 12:08 (172.16.10.220)
# cd ~/.ssh
# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa. -------私钥名一定要叫id_dsa
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
0a:13:25:19:a2:59:2c:b1:49:e6:62:90:57:07:e5:f7 root@hosta
passphrase(密钥保护) 保留为空,否则使用ssh时将要求输入passphrase(密钥保护)
2、发布公钥和获取公钥
# scp id_dsa.pub hostb:/root/.ssh/hosta.key.pub
root@hostb's password:
id_dsa.pub 100%600 0.6KB/s 00:00
# scp hostb:/root/.ssh/id_dsa.pub /root/.ssh/hostb.key.pub
root@hostb's password:
id_dsa.pub 100%600 0.6KB/s 00:00
3、对公钥授权两台都做
# cat hosta.key.pub >>authorized_keys2 -----对A机公钥授权,A机用私钥来登录B机
# cat id_dsa.pub >>authorized_keys2 -----可选项,本机登录本机,可不配置
如果是ssh v1版本,比如solaris 9,就使用authorized_keys文件
4、使用密钥对登录
# ssh hostb
Last login: Sun Apr 27 00:04:49 2008 from 172.16.10.220
已经不用输入密码
http://bbs.chinaunix.net/images/smilies/icon_lol.gif
lol
http://bbs.chinaunix.net/images/smilies/victory.gif
http://bbs.chinaunix.net/images/smilies/victory.gif
# exit
logout
Connection to hostb closed.
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u3/97963/showart_2038240.html
页:
[1]